If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

nslookup more than one name

If I do and nslookup on an IP or use nmap –sL for a range it only returns the fist DNS name it finds for that IP, anyone know a quick way to find more than one?

For example, lets say IP 111.111.111.111 maps to srv.myorg.com. Some use also used a dynamic DNS service to map the same IP to myownedbox.dyndns.org. If it do an nsloookup on just 111.111.111.111 I just see the srv.myorg.com, is there a way to use nslookup or dig to look for more than just the first mapping?

There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

Got my stuff backwards...a PTR can only point to one name (which is what you are querying if you lookup an IP). If you were then to try to look up the name, your mileage may vary (depending on if they did multiple A records or CNAMES).

There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

If you direct your query to a dyndns.org DNS server, it should give you the dyndns.org host name for your IP because it knows the answer from its own table of entries. But any other DNS server won't know the answer, so it will go through the DNS hierarchy to find it, and that will end up pointing it to the DNS server registered for that IP address, which is going to give you the myorg.com host name.

So, I think to find any hostname other than the primary one, you'd need to know some other DNS server that has an entry for that IP...which would basically mean knowing the domain name of the full host name you're trying to find. That or querying thousands of DNS servers and hoping to find one.